- From: Krishna Sankar <ksankar@cisco.com>
- Date: Tue, 4 Jul 2000 11:27:05 -0700
- To: <xml-dist-app@w3.org>
Hi, Saw your posting. Yes, we need support for security. Building in security related stuff in the SOAP specification will add interoperability. This is more important now, because BizTalk is based on SOAP. As you know BizTalk is agnostic to Temporal and spatial requirements plus it is distributed across organizations. So we need security mechanisms as we do not know where the documents will travel thru and reside, ques, mail slots, ftp sites et al. I really wouldn't trust an open PO thru the BizTalk framework as it stand now (agreed it is only a draft) I would like to see the following security related features(and an ready to offer help. We should be able to sit together and figure out common requirements) 1. Authentication (not only between servers and clients but between applications) 2. I am also a fan of Role Based Authorizations and would like to see if we can extend that concept. 3. Support for confidentiality, Integrity and repudiation - Signatures, certificates, time services et al FYI, I come from the B2B world (RosettaNet et al) and so wouldn't mind seeing these at BizTalk level. What do you think ? What we do not want is two signatures and two encryptions - one at BizTalk level and another at SOAP level. cheers
Received on Tuesday, 4 July 2000 14:31:04 UTC